Cybersecurity Incident Specialist
Bengaluru, Karnataka, India
Who are we?
Whatfix is the #1 Digital Adoption Platform (DAP) for Enterprises. We are disrupting the way Learning, Training and Application Support content is consumed. We provide large enterprises with a SaaS platform that helps accelerate product adoption and reduce support & training efforts by providing contextual and step by step guidance inside any web application at the exact time a task is being performed. The product has redefined the way companies onboard, train, and provide support to users.
What sets us apart from the rest?
With over 100 of the Fortune 500 companies already onboard as customers, Whatfix has been named among the top 20 B2B tech companies alongside the likes of Adobe, PayPal, and Cisco.
With a YoY growth of 300%, we have also been recognized among the top 50 fastest growing SaaS companies worldwide in the SaaS 1000 list and as a Market Leader by Gartner in the Digital Adoption space.
“Hustle Mode ON” is something we live by.
The SOC coordinator will be the single point of contact for the SOC team and will be responsible for performing the initial review of all incidents reported by the SOC, coordinating with the various stakeholders to track incidents to closure and escalating when timelines are not met.
- Coordinate with the SOC team and perform initial triage of the issue
- Respond to cyber security tickets and provide analysis and trending of security log data from security devices as well as various security tool portals
- Tune rules and thresholds to improve fidelity of alerts
- Work with the stakeholders towards integrating security events of existing and new solutions into the SIEM.
- Provide proactive “threat hunting” to detect incidents
- Prepare reports of analysis and results to provide briefings to management and clients
- Provide Incident Response support when analysis confirms actionable incident
- Investigate, document, and report on information security issues and emerging trends.
- Participate in cybersecurity tabletop exercises with SOC staff and relevant stakeholder groups for the purpose of identifying process improvement opportunities.
- Define protocols and mature 'playbooks' for operational response to cyber threats
- Operate autonomously to further investigate and escalate in accordance with policies, procedures and defined processes
- Lead SOC analysts during incident response actions, advise and coordinate with leadership during active incidents
- Contribute to the improvements to the SOC monitoring, hunting, and incident management processes.
- Create weekly reports on technical KPI and key metric data to provide to management.
- Provide SOC management monthly trending metrics of SOC operations.
- Lead post-incident reviews.
Skills and Experience Required:
- Experience as a Senior Security Analyst leading a team
- Experience with Security Operations Center, network event analysis and/or threat analysis
- Excellent knowledge and demonstrated experience in incident response tools, techniques and processes for effective threat containment, mitigation and remediation.
- Good knowledge and demonstrated experience of common cybersecurity technologies such as IDS / IPS / HIPS, advanced anti-malware prevention and analysis, firewalls, proxies, MSS, etc.
- Good knowledge of common network protocols such as TCP, UDP, DNS, DHCP, IPsec, HTTP, etc. and of network protocol analysis suites.
- Good knowledge of common enterprise technology infrastructure, platforms, middleware, databases, applications and tooling, including Windows, Linux, infrastructure management and networking hardware.
- Good knowledge and demonstrated experience in analysis and dissection of advanced attacker tactics, techniques and procedures in order to inform adjustments to the control plane.
- Expertise in integrating cloud applications into a SIEM
- Experience working as an Incident Responder in a SaaS organization.
- Knowledge of various security methodologies and technical security solutions
- Experience analyzing data from cybersecurity monitoring tools
- Ability to analyze endpoint, network, and application logs
- Experience tuning and/or configuring SIEM and vulnerability tools
- Knowledge of common Internet protocols and applications
- Scripting experience in Linux or PowerShell preferred
- Qualification required: Bachelor's/Master's degree in either Computer Engineering or Information Science
- Excellent communication (written and oral) and client relationship management skills
- Strong experience with security platforms for analysis of incidents and events
- Minimum experience: 6+ years of experience managing incidents
- 3+ years of experience working with security tools performing deployment, configuration, and maintaining operations, content development
- 3+ years of experience working with security operations capabilities (e.g. incident response, security infrastructure management or monitoring services)
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.